< Home

VPN Multicast Packet Transmission on the Public Network

Packet transmission on the public network is transparent to VPN instances. A VPN instance only needs to send VPN packets from a multicast tunnel interface (MTI) to a remote PE. The process of forwarding packets through a multicast distribution tree (MDT) on the public network is complex. MDT transmission starts after a Share-MDT is established.

Transmission on a Share-MDT

Transmission on a Share-MDT follows these steps:

  1. Multicast packets are sent from a VPN instance to the MTI of a PE.

  2. The PE cannot identify whether these VPN multicast packets are protocol or data packets. It encapsulates the VPN multicast packets into public network multicast data packets, using the MTI address (interface address used for establishing the IBGP connection) as the source address and the Share-Group address as the group address.

  3. The PE forwards the encapsulated data packets to the public network instance. These packets are then sent to the public network through the public network instance.

  4. The public network multicast data packets are forwarded along the Share-MDT until they reach the public network instance on the remote PE.

  5. The remote PE decapsulates the public network multicast data packets into VPN multicast packets and forwards them to the VPN instance.

For multicast data transmission along a Switch-MDT, see Switch-MDT Switchover.

VPN Multicast Protocol Packet Transmission

When PIM-DM runs on a VPN network:

  • Hello messages are exchanged between MTIs to establish PIM neighbor relationships.

  • PE devices trigger flood-prune processes across the public network to establish a shortest path tree (SPT).

When PIM-SM runs on a VPN network:

  • Hello messages are exchanged between MTIs to establish PIM neighbor relationships.

  • If receivers and the VPN RP belong to different sites, PE devices send Join messages across the public network to create a rendezvous point tree (RPT).

  • If the multicast source and the VPN RP belong to different sites, PE devices send Register messages across the public network to create an SPT.

Figure 1 shows an example of transmitting multicast protocol packets along a Share-MDT. In this example, the public and VPN networks run PIM-SM, and receivers on the VPN send Join messages across the public network.

In Figure 1, Receiver on VPNA belongs to Site2 and is directly connected to CE2. CE1 is the RP of group G (225.1.1.1) and belongs to Site1.

Figure 1 Multicast protocol packet transmission

The process of transmitting multicast protocol packets along the Share-MDT is as follows:

  1. The receiver instructs CE2 to receive and forward data of group 225.1.1.1 using the Internet Group Management Protocol (IGMP). CE2 creates the (*, 225.1.1.1) entry and sends a Join message to the VPN RP (CE1).

  2. The VPN instance on PE2 receives the Join message sent by CE2, creates the (*, 225.1.1.1) entry, and specifies the RPF interface (MTI) as the upstream interface. The VPN instance on PE2 considers that the Join message has been sent from the MTI.

  3. Before sending the Join message to the P device, PE2 uses Generic Routing Encapsulation (GRE) to encapsulate the message, with the MTI address as the source address and the Share-Group address as the group address. The packet then becomes a public network multicast data packet (10.1.2.1, 239.1.1.1). PE2 forwards the multicast data packet to the public network instance.

  4. The multicast data packet (10.1.2.1, 239.1.1.1) is forwarded to the public network instance on each PE along the Share-MDT. Each PE decapsulates the packet to restore the Join message destined for the VPN RP. PE devices check the RP information carried in the Join message. PE1 finds that the RP belongs to the directly connected site and sends the Join message to the VPN instance. The VPN instance on PE1 considers that the message is obtained on the MTI. Then PE1 creates the (*, 225.1.1.1) entry, specifies the MTI as the downstream interface and the interface facing CE1 as the upstream interface, and sends the message to CE1. PE3 drops the Join message.

  5. When receiving the Join message, CE1 updates or creates the (*, 225.1.1.1) entry. A VPN multicast RPT is now established across the public network.

VPN Multicast Data Packet Transmission

When PIM-DM runs on a VPN, VPN multicast data packets are transmitted along a VPN SPT across the public network.

When PIM-SM runs on a VPN:

  • If receivers and the VPN RP belong to different sites, VPN multicast data packets are transmitted across the public network along the VPN RPT.

  • If the multicast source and receivers belong to different sites, the VPN multicast data packets are transmitted across the public network along the VPN SPT.

Figure 2 shows an example of transmitting VPN multicast data packets along a Share-MDT. In this example, the public and VPN networks run PIM-DM, and an SPT is used to transmit multicast data packets across the public network.

In Figure 2, the source on VPNA sends multicast data packets to group 225.1.1.1, and the receiver is directly connected to CE2 and belongs to Site2 of VPNA.

Figure 2 Multicast data packet transmission

The process of transmitting VPN multicast data packets along the Share-MDT is as follows:

  1. The source sends a VPN multicast data packet (192.168.1.1, 225.1.1.1) to CE1.

  2. CE1 forwards the packet to PE1 along the SPT. PE1 searches for the matching forwarding entry in the VPN instance. If the list of outbound interfaces in the forwarding entry contains the MTI, PE1 forwards the VPN multicast data to the P device for further processing. The VPN instance on PE1 considers that the VPN multicast data has been sent from the MTI.

  3. Before sending the VPN multicast data packet to the P device, PE1 uses GRE to encapsulate the packet, using the MTI address as the source address and the Share-Group address as the group address. The packet then becomes a public network multicast data packet (10.1.1.1, 239.1.1.1) and is forwarded to the public network instance.

  4. The multicast data packet is forwarded to the public network instance on each PE along the Share-MDT. Each PE decapsulates the packet to restore the VPN multicast data packet and sends the packet to the VPN instance. If a PE has a downstream interface of the SPT, the PE forwards the VPN multicast data packet. If a PE has no downstream interface of the SPT, the PE drops the packet.

  5. PE2 searches for the forwarding entry in the VPN instance and sends the VPN multicast data packet to the receiver. Transmission of this VPN multicast data packet is complete.

Parent Topic: Key Processes for Multicast VPN Implementation
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >